What is the authoritative source for CWE-415?

Double Free (CWE-415) is catalogued in MITRE CWE and curated for EU compliance use cases by SQUR.

VariantDraft

CWE-415Double Free

Category: other

The product calls free() twice on the same memory address.

Integrity / Confidentiality / Availability — Modify Memory, Execute Unauthorized Code or Commands

[Architecture and Design]Choose a language that provides automatic memory management.
[Implementation]Ensure that each allocation is freed only once. After freeing a chunk, set the pointer to NULL to ensure the pointer cannot be freed again. In complicated error conditions, be sure that clean-up routines respect the state of allocation properly. If the language is object oriented, ensure that object destructors delete each chunk of memory only once.
[Implementation]Use a static analysis tool to find double free instances.

Type	Target	Confidence	Tier
Vulnerability	CVE-2025-20134cve-2025-20134	0%	live
Vulnerability	CVE-2025-21201cve-2025-21201	0%	live
Vulnerability	CVE-2025-21291cve-2025-21291	0%	live
Vulnerability	CVE-2025-23102cve-2025-23102	0%	live
Vulnerability	CVE-2025-32988cve-2025-32988	0%	live
Vulnerability	CVE-2025-49688cve-2025-49688	0%	live
Vulnerability	CVE-2025-5100cve-2025-5100	0%	live
Vulnerability	CVE-2025-55118cve-2025-55118	0%	live
Vulnerability	CVE-2025-55158cve-2025-55158	0%	live
Vulnerability	Microsoft Windows Race Condition Vulnerabilitycve-2025-62215	0%	live
Vulnerability	CVE-2026-23918cve-2026-23918	0%	live
Vulnerability	CVE-2026-31608cve-2026-31608	0%	live
Vulnerability	CVE-2026-31609cve-2026-31609	0%	live
Vulnerability	CVE-2026-33824cve-2026-33824	0%	live
Vulnerability	CVE-2026-43011cve-2026-43011	0%	live
Vulnerability	CVE-2026-43249cve-2026-43249	0%	live
KEVEntry	Adobe Acrobat and Reader Double Free Vulnerabilitykev-cve-2018-4990	0%	live
KEVEntry	Apple Multiple Products Code Execution Vulnerabilitykev-cve-2020-9859	0%	live
KEVEntry	Linux Kernel Privilege Escalation Vulnerabilitykev-cve-2021-22600	0%	live